Conversation

Notices

1. Verius (verius@community.highlandarrow.com)'s status on Wednesday, 22-Mar-2017 19:38:30 UTC Verius
   LastPass browser extension has major security vulnerabilities. Advice is to remove your browser extensions. Those extensions are 90% of the appeal of that password manager though.
   • Bob Mottram repeated this.
   • Bob Mottram (bob@social.freedombone.net)'s status on Wednesday, 22-Mar-2017 20:24:40 UTC Bob Mottram

     in reply to
     @verius LastPass always seemed like a bad idea to me.
   • Bob Mottram (bob@social.freedombone.net)'s status on Wednesday, 22-Mar-2017 20:30:39 UTC Bob Mottram

     • nds
     @nds Putting all your passwords onto some guy's server and then accessing them insecurely via a browser doesn't seem like a great plan. You can be certain that server will be targeted by foxacid and such.
   • Bob Mottram (bob@social.freedombone.net)'s status on Wednesday, 22-Mar-2017 20:34:03 UTC Bob Mottram

     • Annah's got the Shotgun
     @maiyannah @verius password managers are ok if you don't keep the file on the internet. I just keep the file on a USB keyring and it doesn't get uploaded to some guy's server. That data only moves via sneakernet.
   • Archaeme (archaeme@gs.archae.me)'s status on Thursday, 23-Mar-2017 02:33:40 UTC Archaeme

     • Bob Mottram
     • LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
     @lnxw48a1 @verius @bob I would recommend password managers that support offline storage like KeePassX and https://www.passwordstore.org/.  The latter is what I use nowadays.
     Bob Mottram likes this.
     Bob Mottram repeated this.